The primary purpose of this register statement is to inform you as our customer of the kind of information Genano Ltd collects on our website and how the information is handled and protected. Please read this Statement carefully.
Personal Data Act (523/1999) paragraphs 10 and 24
Suomi. VAT: 2175218-0
Name of the person responsible for data protection:
Name: Riikka Niemi
Customer and Marketing register
Purpose of handling personal data
Personal data is used for maintaining, monitoring and developing our customer relations and realising the customer’s and Genano’s rights and obligations. Additionally, personal data is handled according to the GDPR for web services, research, advertising and/or direct marketing through register holders’ channels.
Personal data may be used for the following purposes:
1. Development, handling, follow-up and tracking of communication and marketing related to the customer relationship and customer service
2. Analysing, grouping and reporting customer relationships and other associated ways of developing them
3. Improving communication, marketing and services and controlling campaigns, contacts and transactions.
4. Collecting and handling customer feedback and customer satisfaction information.
5. Implementing market research and opinion polls.
The handling of personal data may be outsourced to external service providers.
Register information content
The register includes the following customer information:
1. Personal information (name, organisation and title, contact information of the organisation, billing information, phone number, email)
2. Marketing permissions and bans
3. Information connected with direct marketing and customer communications (i.e. newsletter subscriptions, campaign contact, industry, etc.)
4. Starting date of the registration
5. Other information related to register purposes
Regular sources of information
Information connected with customers is primarily gathered from customers themselves when a customer relationship begins and from persons via digital registration, contact, order, campaign or similar forms.
To whom do we disclose data and do we transfer data outside the EU or EEA?
We do not disclose information from the register to external third parties unless required by an agreement, consent or regulation. We may transfer personal data outside the EU/EEA as part of our operations. Some of the cloud services we use may be located outside the EU. We process information ourselves and use subcontractors who process personal data on behalf of and for us. We have outsourced our IT management to an outside service provider on whose server the personal data are stored.
We may transfer personal data outside the EU/EEA as part of our operations. If we do, we will ensure that the personal data in question are protected according to the privacy legislation in force from time to time.
Inspecting the data
As a data subject, you have the right to access the personal data stored in this register concerning yourself. You also have the right to withdraw your consent and the right to data portability. All requests and requirements concerning this section should be submitted in writing to the address mentioned above in the “Name of the person responsible for data protection” section. The identity of the registered person is confirmed with an identity card with a photo before any information is given out. Inspection of data may be withheld for legal reasons.
Correcting the data
To the extent that the registered person or user can act for themselves, they must, having being notified of the error or noticed the error unprompted, correct, remove or complement incorrect, unnecessary, faulty or old information stored in the register without any unnecessary delay. To the extent that the registered person is unable to correct the data themselves, the correction request is done with a signed document and is addressed to the data protection person responsible for correcting data. If identification is needed before the correction or removal, a photo identification card is used.
Information can be removed when the person so requires or due to the end of a customer relationship.
Personal data can be removed on demand or due to the termination of a customer relationship.
Right to prohibit
The customer can give Genano Ltd consent to direct marketing according to paragraph 26 of the Protection of Privacy or deny handling of any personal information regarding direct marketing according to paragraph 30 of the Personal Data Act.
The customer can consent to direct marketing by channel (mobile phone, email). The customer may deny direct marketing by channel (mobile phone, email, post), marketing surveys and the utilisation of personal information in relation to marketing activities. The right to prohibit does not include customer communication, service or sales promotions and advertising included in the customership. If the customer gives no consent and sets all the prohibitions, only information related to the execution of services and handling the customer relationship will be sent.
Consents and denials may be sent in writing to:
Data protection register principles
Personal data is stored confidentially and protected against unauthorised access and handling. Only Genano Ltd’s staff members or Genano Ltd’s trusted service providers who maintain or develop the solution are authorised to access the register. Computers and mobile phones with access to the register are protected with personal passwords and located in locked and monitored locations.
Genano.com is protected with an SSL certificate, which ensures that using the site and providing information through it are safe.
Any manual materials are kept in locked spaces which only people with access rights may enter. Access to digital material is only possible for identified people with a user name and password. There are different levels of user access, and each user has sufficient access – although in general the narrowest possible – related to the given work task.
Links & cookies
Third party websites
When you use the site, you accept the cookies.
This document is a valid Privacy Statement. We check and update it regularly.
Date of compilation 19.3.2019